<?php

//管理员模型

class Admin_model extends S_Model {

	protected $password_key = 'fdj89akfjdafd3';

	//返回管理员列表分页数据 （当前页，每页数量）
	public function get_page($p, $per_page)
	{
		return $this->db->select('admin.id, admin.group_id, admin.username, admin.email, admin.banned, group.name as group_name')->from('admin')->join('group', 'admin.group_id = group.id', 'left')->limit($per_page, $per_page*($p-1))->get()->result_array();
	}
	
	//登录（用户名，密码，验证码）
	public function login($username, $password, $verify)
	{
		$username = trim($username);
		$password = trim($password);
		$verify = trim($verify);
		
		if (md5(strtolower($verify)) !== $this->session->get('verify'))
		{
			$this->set_error('验证码错误！');
			return FALSE;
		}
		$this->session->delete('verify');
		
		$admin_data = $this->get_row(array('username' => $username), array('id', 'group_id', 'password', 'banned', 'access_list'));
		if ( ! $admin_data)
		{
			$this->set_error('账号不存在！');
			return FALSE;
		}
		elseif ($admin_data['password'] != $this->password_hash($password))
		{
			$this->set_error('用户名/密码错误！');
			return FALSE;
		}
		elseif ($admin_data['banned'] == 1)
		{
			$this->set_error('账号已经被禁用！');
			return FALSE;
		}
		
		if ($admin_data['group_id'] > 0)
		{
			$this->load->model('group_model');
			$group_data = $this->group_model->get($admin_data['group_id'], array('name', 'access_list'));
			if ($group_data)
			{
				$admin_data['access_list'] = trim($admin_data['access_list'].','.$group_data['access_list'], ',');
			}
		}
		
		//管理员的权限
		$admin_access = array_unique(explode(',', $admin_data['access_list']));
		
		$this->load->model('access_model');
		$access_list = $this->access_model->get_list(array('banned' => 0));
		
		//需要检测的访问权限数组，md5(目录.控制器.方法)
		$need_check_access = array();
			
		if ($admin_access)
		{
			if ($access_list)
			{
				foreach ($access_list as $row)
				{
					$item = strtolower($row['directory'].$row['controller'].$row['method']);
					foreach ($admin_access as $k => &$v)
					{
						if ($row['id'] == $v)
						{
							$v = $item;
						}
						else
						{
							$v = '';
						}
					}
					$need_check_access[] = $item;
				}
			}
			else
			{
				$admin_access = array();
			}
		}
		
		$admin_access = array_filter($admin_access);
		
		$this->session->set('admin_id', $admin_data['id']);
		$this->session->set('admin_username', $username);
		$this->session->set('admin_access', $admin_access);
		$this->session->set('need_check_access', $need_check_access);
		
		return TRUE;
	}
	
	//注销
	public function logout()
	{
		$this->session->delete('admin_id');
		$this->session->delete('admin_username');
		$this->session->delete('admin_access');
		$this->session->delete('need_check_access');
		return TRUE;
	}
	
	//是否登录，TRUE or FALSE
	public function is_login()
	{
		return (boolean)$this->session->get('admin_id');
	}
	
	//是否有权访问，TRUE or FALSE（目录，控制器，方法）
	public function check_access($directory, $controller, $method)
	{
		$access = strtolower($directory.$controller.$method);
		$admin_access = $this->session->get('admin_access');
		$need_check_access = $this->session->get('need_check_access');
		
		if ($need_check_access && in_array($access, $need_check_access))
		{
			return $admin_access ? in_array($access, $admin_access) : FALSE;
		}
		
		return TRUE;
	}
	
	//返回加密密码
	public function password_hash($password)
	{
		return md5(md5($password) + $this->password_key);
	}
	
	//返回用户名是否可注册，可用TRUE，不可用FALSE
	public function is_username_available($username)
	{
		$condition = array(
			'username' => $username
		);
		
		return $this->exists($condition) ? FALSE : TRUE;
	}

}